Acronyms used in the CISA Exam
ASCII | American Standard Code for Information Interchange | |
Bit | Binary digit | |
CASE | Computer-aided system engineering | |
CCTV | Closed-circuit television | |
CPU | Central processing unit | |
DBA | Database administrator | |
DBMS | Database management system | |
EDI | Electronic data interchange | |
FTP | File Transfer Protocol | |
HTTP | Hypertext Transmission Protocol | |
HTTPS | Secured Hypertext Transmission Protocol | |
ID | Identification | |
IDS | Intrusion detection system | |
IP | Internet protocol | |
IS | Information systems | |
ISO | International Organization for Standardization | |
IT | Information technology | |
LAN | Local area network | |
PBX | Private branch (business) exchange | |
PC | Personal computer/microcomputer | |
PCR | Program change request | |
PDA | Personal digital assistant | |
PERT | Program Evaluation Review Technique | |
PIN | Personal identification number | |
PKI | Public key infrastructure | |
RAID | Redundant Array of Inexpensive Disks | |
RFID | Radio frequency identification | |
SDLC | System development life cycle | |
SSL | Secure Sockets Layer | |
TCP | Transmission Control Protocol | |
UPS | Uninterruptible power supply | |
VoIP | Voice-over Internet Protocol | |
WAN | Wide area network | |
Additional Acronyms
4GL | Fourth-generation language | |
ACID | Atomicity, consistency, isolation and durability | |
ACL | Access control list | |
AES | Advanced Encryption Standard | |
AH | Authentication header | |
AI | Artificial intelligence | |
AICPA | American Institute of Certified Public Accountants | |
ALE | Annual loss expectancy | |
ALU | Arithmetic-logic unit | |
ANSI | American National Standards Institute | |
API | Application programming interface | |
ARP | Address Resolution Protocol | |
ASIC | Application-specific integrated circuit | |
ATDM | Asynchronous time division multiplexing | |
ATM | Asynchronous Transfer Mode or automated teller machine | |
B-to-B | Business-to-business | |
B-to-C | Business-to-consumer | |
B-to-E | Business-to-employee | |
B-to-G | Business-to-government | |
BCI | Business Continuity Institute | |
BCM | Business continuity management | |
BCP | Business continuity planning | |
BI | Business intelligence | |
BIA | Business impact analysis | |
BIMS | Biometric Information Management and Security | |
BIOS | Basic Input/Output System | |
BIS | Bank for International Settlements | |
BLP | Bypass label process | |
BNS | Backbone network services | |
BOM | Bill of materials | |
BOMP | Bill of materials processor | |
BPR | Business process reengineering | |
BRP | Business recovery (or resumption) plan | |
BSC | Balanced scorecard | |
CA | Certificate authority | |
CAAT | Computer-assisted audit technique | |
CAD | Computer-assisted design | |
CAE | Computer-assisted engineering | |
CAM | Computer-aided manufacturing | |
CASE | Computer-aided software engineering | |
CCK | Complementary Code Keying | |
CCM | Constructive Cost Model | |
CD | Compact disk | |
CD-R | Compact disk-recordable | |
CD-RW | Compact disk-rewritable | |
CDDF | Call Data Distribution Function | |
CDPD | Cellular Digital Packet Data | |
CEO | Chief executive officer | |
CERT | Computer emergency response team | |
CGI | Common gateway interface | |
CIAC | Computer Incident Advisory Capability | |
CICA | Canadian Institute of Chartered Accountants | |
CIM | Computer-integrated manufacturing | |
CIO | Chief information officer | |
CIS | Continuous and intermittent simulation | |
CISO | Chief information security officer | |
CMDB | Configuration management database | |
CMM | Capability Maturity Model | |
CMMI | Capability Maturity Model Integration | |
CNC | Computerized Numeric Control | |
COBIT | Control Objectives for Information and related Technology | |
COCOMO2 | Constructive Cost Model | |
CODASYL | Conference on Data Systems Language | |
COM | Component Object Model | |
COM/DCOM | Component Object Model/Distributed Component Object Model | |
COOP | Continuity of operations plan | |
CORBA | Common Object Request Broker Architecture | |
CoS | Class-of-service | |
COSO | Committee of Sponsoring Organizations of the Treadway Commission | |
CPM | Critical Path Methodology | |
CPO | Chief privacy officer | |
CPS | Certification practice statement | |
CRC | Cyclic redundancy check | |
CRL | Certificate revocation list | |
CRM | Customer relationship management | |
CSA | Control self-assessment | |
CSF | Critical success factor | |
CSIRT | Computer security incident response team | |
CSMA/CD | Carrier-sense Multiple Access/Collision Detection | |
CSO | Chief security officer | |
CSU-DSU | Channel service unit/digital service unit | |
DAC | Discretionary access controls | |
DASD | Direct access storage device | |
DAT | Digital audio tape | |
DCE | Data communications equipment | |
DCE | Distributed computing environment | |
DCOM | Distributed Component Object Model (Microsoft) | |
DCT | Discrete Cosine Transform | |
DD/DS | Data dictionary/directory system | |
DDL | Data Definition Language | |
DDN | Digital Divide Network | |
DDoS | Distributed denial of service | |
DECT | Digital Enhanced Cordless Telecommunications | |
DES | Data Encryption Standard | |
DFD | Data flow diagram | |
DHCP | Dynamic Host Configuration Protocol | |
DID | Direct inward dial | |
DIP | Document image processing | |
DLL | Dynamic link library | |
DMS | Disk management system | |
DMZ | Demilitarized zone | |
DNS | Domain name server | |
DoS | Denial of service | |
DOSD | Data-oriented system development | |
DRII | Disaster Recovery Institute International | |
DRP | Disaster recovery planning | |
DSL | Digital subscriber lines | |
DSS | Decision support systems | |
DSSS | Direct-sequence spread spectrum (DSSS) | |
DTE | Data terminal equipment | |
DTR | Data terminal ready | |
DVD | Digital video disc | |
DVD-HD | Digital video disc-high definition/high density | |
DW | Data warehouse | |
EA | Enterprise architecture | |
EAC | Estimates at completion | |
EAI | Enterprise application integration | |
EAM | Embedded audit module | |
EAP | Extensible Authentication Protocol | |
EBCDIC | Extended Binary-coded for Decimal Interchange Code | |
EC | Electronic commerce | |
ECC | Elliptical curve cryptography | |
EDFA | Enterprise data flow architecture | |
EER | Equal-error rate | |
EFT | Electronic funds transfer | |
EIGRP | Enhanced Interior Gateway Routing Protocol | |
EJB | Enterprise JavaBeans | |
EMI | Electromagnetic interference | |
EMRT | Emergency response time | |
ERD | Entity relationship diagram | |
ERP | Enterprise resource planning | |
ESP | Encapsulating security payload | |
EVA | Earned value analysis | |
FAR | False-acceptance rate | |
FAT | File allocation table | |
FC | Fibre channels | |
FDDI | Fiber-Distributed Data Interface | |
FDM | Frequency division multiplexing | |
FEA | Federal enterprise architecture | |
FEMA | Federal Emergency Management Association (USA) | |
FER | Failure-to-enroll rate | |
FERC | Federal Energy Regulatory Commission (USA) | |
FFIEC | Federal Financial Institutions Examination Council (USA) | |
FFT | Fast Fourier Transform | |
FHSS | Frequency-hopping spread spectrum | |
FIPS | Federal Information Processing Standards | |
FP | Function point | |
FPA | Function point analysis | |
FRAD | Frame relay assembler/disassembler | |
FRB | Federal Reserve Board (USA) | |
FRR | False-rejection rate | |
GAS | Generalized audit software | |
GB | Gigabyte | |
GID | Group ID | |
GIS | Geographic information systems | |
GPS | Global position system | |
GSM | Global system for mobile communications | |
GUI | Graphical user interface | |
HA | High availability | |
HD-DVD | High definition/high density-digital video disc | |
HDLC | High-level data link control | |
HIPAA | Health Insurance Portability and Accountability Act (USA) | |
HIPO | Hierarchy input-process-output | |
HTML | Hypertext Markup Language | |
HW/SW | Hardware/software | |
I/O | Input/output | |
I&A | Identification and authentication | |
ICMP | Internet Control Message Protocol | |
ICT | Information and communication technologies | |
IDE | Integrated development environment | |
IDEF1X | Integration Definition for Information Modeling | |
IETF | Internet Engineering Task Force | |
IPF | Information processing facility | |
IPL | Initial program load | |
IPMA | International Project Management Association | |
IPRs | Intellectual property rights | |
IPS | Intrusion prevention system | |
IPSec | IP Security | |
IPX | Internetwork Packet Exchange | |
IR | Incident response | |
IR | Infrared | |
IRC | Internet relay chat | |
IrDA | Infrared Data Association | |
IRM | Incident response management | |
IS/ORP | IS disaster recovery planning | |
ISAKMP/Oakley | Internet Security Association and Key Management Protocol/Oakley | |
ISAM | Indexed Sequential Access Method | |
ISDN | Integrated services digital network | |
ISP | Internet service provider | |
ITF | Integrated test facility | |
ITGI | IT Governance Institute | |
ITIL | Information Technology Infrastructure Library | |
ITSM | IT service management | |
ITT | Invitation to tender | |
ITU | International Telecommunications Union | |
JIT | Just in time | |
Kb | Kilobit | |
KB | Kilobyte | |
KB | Knowledge base | |
KDSI | Thousand delivered source instructions | |
KGI | Key goal indicator | |
KLOC | Kilo lines of code | |
KPI | Key performance indicator | |
L2TP | Layer 2 Tunneling Protocol | |
LCP | Link Control Protocol | |
M&A | Mergers and acquisitions | |
MAC | Mandatory Access Control | |
MAC address | Media Access Control address | |
MAN | Metropolitan area network | |
MAP | Manufacturing accounting and production | |
MIS | Management information system | |
MODEM | Modulator/demodulator | |
MOS | Maintenance out of service | |
MPLS | Multiprotocol label switching | |
MRP | Manufacturing resources planning | |
MSAUs | Multistation access units | |
MTBF | Mean time between failures | |
MTS | Microsoft’s Transaction Server | |
MTTR | Mean time to repair | |
NAP | Network access point | |
NAS | Network access server or Network attached storage | |
NAT | Network address translation | |
NCP | Network Control Protocol | |
NDA | Nondisclosure agreement | |
NFPA | National Fire Protection Agency (USA) | |
NFS | Network file system | |
NIC | Network interface card | |
NIST | National Institute of Standards and Technology (USA) | |
NNTP | Network News Transfer Protocol | |
NSP | Name Server Protocol or Network service provider | |
NT | New technology | |
NTFS | NT file system | |
NTP | Network Time Protocol | |
OBS | Object Breakdown Structure | |
OCSP | Online Certificate Status Protocol | |
OECD | Organization for Economic Cooperation and Development | |
OEP | Occupant emergency plan | |
OFDM | Orthogonal frequency division multiplexing | |
OLAP | Online analytical processing | |
OO | Object-oriented | |
OOSD | Object-oriented system development | |
ORB | Object request broker (ORB) | |
OS | Operating system | |
OSI | Open Systems Interconnection | |
OSPF | Open Shortest Path First | |
PAD | Packet assembler/disassembler | |
PAN | Personal area network | |
PBX | Private branch exchange | |
PDCA | Plan-Do-Check-Act | |
PDN | Public data network | |
PER | Package-enabled reengineering | |
PHY | Physical layer | |
PICS | Platform for Internet content selection | |
PID | Process ID | |
PID | Project Initiation Document | |
PMBOK | Project Management Body of Knowledge | |
PMI | Project Management Institute | |
POC | Proof of concept | |
POP | Proof of possession | |
POS | Point of sale or Point-of-sale systems | |
POTS | Plain old telephone service | |
PPP | Point-to-point Protocol | |
PPPoE | Point-to-point Protocol Over Ethernet | |
PPTP | Point-to-Point Tunneling Protocol | |
PR | Public relations | |
PRD | Project request document | |
PRINCE2 | Projects in Controlled Environments 2 | |
PROM | Programmable Read-Only Memory | |
PSTN | Public switched telephone network | |
PVC | Permanent virtual circuit | |
QA | Quality assurance | |
QAT | Quality assurance testing | |
RA | Registration authority | |
RAD | Rapid application development | |
RADIUS | Remote Access Dial-in User Service | |
RAID | Redundant Array of Inexpensive Disks | |
RAM | Random access memory | |
RAS | Remote access service | |
RBAC | Role-based access control | |
RDBMS | Relational database management system | |
RF | Radio frequency | |
RFI | Request for information | |
RFP | Request for proposal | |
RIP | Routing Information Protocol | |
RMI | Remote method invocation | |
ROI | Return on investment | |
ROLAP | Relational online analytical processing | |
ROM | Read-only memory | |
RPC | Remote procedure call | |
RPO | Recovery point objective | |
RST | Reset | |
RTO | Recovery time objective | |
RW | Rewritable | |
S/HTTP | Secure Hypertext Transfer Protocol | |
S/MIME | Secure Multipurpose Internet Mail Extensions | |
SA | Security Association | |
SAN | Storage area network | |
SANS | The SANS Institute | |
SAS | Statement on Auditing Standards | |
SBC | Session border controller | |
SCADA | Supervisory Control and Data Acquisition | |
SCARF | Systems Control Audit Review File | |
SCARF/EAM | Systems Control Audit Review File and Embedded Audit Modules | |
SCM | Supply Chain Management | |
SCOR | Supply Chain Operations Reference | |
SD/MMC | Secure digital multimedia card | |
SDLC | System development life cycle | |
SDO | Service delivery objective | |
SEC | Securities and Exchange Commission (USA) | |
SET | Secure electronic transactions | |
SLA | Service level agreement | |
SLIP | Serial Line Internet Protocol | |
SLM | Service level management | |
SLOC | Source lines of code | |
SMART | Specific, measurable, achievable, relevant, time-bound | |
SME | Subject matter expert | |
SMF | System management facility | |
SMTP | Simple Mail Transport Protocol | |
SNA | Systems network architecture | |
SNMP | Simple Network Management Protocol | |
SO | Security officer | |
SOA | Service-oriented architecture | |
SOAP | Simple Object Access Protocol | |
SOHO | Small office-home office | |
SPI | Security parameter index | |
SPICE | Software Process Improvement and Capability Determination | |
SPOC | Single point of contact | |
SPOOL | Simultaneous peripheral operations online | |
SQL | Structured Query Language | |
SSH | Secure Shell | |
SSID | Set services identifiers | |
SSO | Single sign-on | |
SVC | Switched virtual circuits | |
SYSGEN | System generation | |
TACACS | Terminal Access Control Access Control System | |
TCO | Total cost of ownership | |
TCP/IP | Transmission Control Protocol/Internet Protocol | |
TCP/UDP | Transmission Control Protocol/User Datagram Protocol | |
TDM | Time-division multiplexing | |
TELNET | Teletype network | |
TES | Terminal emulation software | |
TFTP | Trivial File Transport Protocol | |
TKIP | Temporal Key Integrity Protocol | |
TLS | Transport layer security | |
TMS | Tape management system | |
TP monitors | Transaction processing (TP) monitors | |
TQM | Total quality management | |
TR | Technical report | |
UAT | User acceptance testing | |
UBE | Unsolicited bulk e-mail | |
UDDI | Description, discovery and integration | |
UDP | User Datagram Protocol | |
UID | User ID | |
UML | Unified Modeling Language | |
URI | Uniform resource identifier | |
URL | Universal resource locator | |
URN | Uniform resource name | |
USB | Universal Serial Bus | |
VLAN | Virtual local area network | |
VoIP | Voice-Over IP | |
VPN | Virtual private network | |
WAP | Wireless Application Protocol | |
WBS | Work breakdown structure | |
WEP | Wired Equivalent Privacy | |
WLAN | Wireless local area network | |
WML | Wireless Markup Language | |
WORM | Write-once and read many | |
WP | Work packages | |
WPA | Wi-Fi Protected Access | |
WPAN | Wireless personal area network | |
WSDL | Web Services Description Language | |
WWAN | Wireless wide area network | |
WWW | World Wide Web | |
X-to-X | Exchange-to-Exchange | |
XBRL | Extensible Business Reporting Language | |
XML | Extensible Markup Language | |
Xquery | XML query | |
XSL | Extensible Stylesheet Language |